Module org.bzdev.desktop
Package org.bzdev.swing

Class AuthenticationPane

java.lang.Object
java.awt.Component
java.awt.Container
javax.swing.JComponent
org.bzdev.swing.AuthenticationPane
All Implemented Interfaces:
ImageObserver, MenuContainer, Serializable
public class AuthenticationPane extends JComponent
Authenticator GUI component.

Typical usage: Authenticator.setDefault(AuthenticationPane.getAuthenticator(component)); where component is a component on which to center a dialog that is created when interaction with the user is necessary.

If the server does not have a certificate signed by a certificate authority, SSL will have to be configured to handle this case. The class SSLUtilities has methods that can handle this situation. The class ConfigPropUtilities may also be useful.

See Also:

  • Method Details

    • setPrivateKey

      public static void setPrivateKey(File pemfile) throws IllegalArgumentException
      Set the default private key for secure basic authentication. The file's extension should be ".pem", ".pem.gpg" when the file is GPG encrypted, or ".sbl" if the file was created with the program sbl.

      This can be used for simple cases where an SBL file is not available, in which case the user will have to enter a user name and password in addition to a passphrase when necessary to decrypt the private key.

      Parameters:
      pemfile - a file, possibly encrypted, in PEM format containing the private key; null to remove the default private key
      Throws:
      IllegalArgumentException - if the argument is not an ordinary file, is not readable, or has the wrong extension

    • getLoginURI

      public static URI getLoginURI(URI uri) throws URISyntaxException
      Throws:
      URISyntaxException

    • setGPGHome

      public static void setGPGHome(File gpgdir) throws IOException
      Set the GPG home directory given a File. The argument is a file whose name is used as the --homedir argument for gpg commands.
      Parameters:
      gpgdir - the GPG home directory; null for the default
      Throws:
      IOException - if an IO error occurs while constructing a cannonical path

    • setGPGDir

      public static void setGPGDir(String gpgdir)
      Set the GPG home directory given a file name. The argument is the directory name used as the --homedir argument for gpg commands.
      Parameters:
      gpgdir - the GPG home directory; null for the default

    • addSBLFile

      public static URI addSBLFile(InputStream is) throws IOException, URISyntaxException
      Add an SBL file given an input stream. SBL files can be created by the program sbl and store private and public keys for creating and verifying secure one-time passwords. These files include some subsidiary data including URIs for logins, etc.
      Parameters:
      is - the input stream containing the SBL file
      Returns:
      the first URI to visit when logging in
      Throws:
      IOException
      URISyntaxException

    • addSBLFile

      public static URI addSBLFile(InputStream is, String key) throws IOException, URISyntaxException
      Add an SBL file given an input stream and a key. SBL files can be created by the program sbl and store private and public keys for creating and verifying secure one-time passwords. These files include some subsidiary data including URIs for logins, etc.

      A key is the first component of a compound key in an SBL file, excluding an initial "base64" or "ebase64". This allows multiple web sites or portions of a web site to be handled by a single SBL file.

      Parameters:
      is - the input stream containing the SBL file
      key - the key
      Returns:
      the first URI to visit when logging in
      Throws:
      IOException
      URISyntaxException

    • addSBLFile

      public static URI addSBLFile(File sblfile) throws IOException, URISyntaxException
      Add an SBL file. SBL files can be created by the program sbl and store private and public keys for creating and verifying secure one-time passwords. These files include some subsidiary data including URIs for logins, etc.
      Parameters:
      sblfile - the SBL file
      Returns:
      the first URI to visit when logging in
      Throws:
      IOException
      URISyntaxException

    • addSBLFile

      public static URI addSBLFile(File sblfile, String key) throws IOException, URISyntaxException
      Add an SBL file with a key. SBL files can be created by the program sbl and store private and public keys for creating and verifying secure one-time passwords. These files include some subsidiary data including URIs for logins, etc. See sections 1 and 5 of the manual for a description of sbl.

      A key is the first component of a compound key, excluding an initial "base64" or "ebase64". This allows multiple web sites or portions of a web site to be handled by a single SBL file.

      Parameters:
      sblfile - the SBL file
      key - the key
      Returns:
      the first URI to visit when logging in
      Throws:
      IOException
      URISyntaxException

    • requestPassphrase

      public static void requestPassphrase(Component owner)
      Request a GPG passphrase. This method will open a dialog box to request a GPG passphrase for decryption. GPG encryption can be optionally used to protect a private key when Secure Basic Authentication is used.
      Parameters:
      owner - a component over which a dialog box should be displayed

    • clearPassphrase

      public static void clearPassphrase()
      Remove the current GPG passphrase. As a general rule, this method should be called as soon as a passphrase is no longer needed, or will not be needed for some time.

    • setTimeLimit

      public static void setTimeLimit(long limit)
      Set the time limit used to determine if multiple authentication failures for cached entries are occurring close to each other in time to indicate that the user should be queried. The default value is 60 seconds.

      Ideally this would not be necessary, but the Java API for an Authenticator does not allow us to determine whether a failed authentication request was generated by this authenticator or by a cached value stored elsewhere.

      The value should be large enough to account for a server that is heavily overloaded. When a server is on a local-area network and is not going to be overloaded, a much lower value than the default is appropriate.

      Parameters:
      limit - the limit in milliseconds

    • getAuthenticator

      public static Authenticator getAuthenticator(Component comp)
      Get an authenticator for network authentication requests. This is equivalent to getAuthenticator(comp,true).

      Parameters:
      comp - the component on which a dialog box should be centered when an authentication request is given to the user
      Returns:
      an authenticator
      See Also:

    • getAuthenticator

      public static Authenticator getAuthenticator(Component comp, boolean withMap)
      Get an authenticator for network authentication requests, optionally requesting a map that stores data entered via a dialog box so that new secure-basic passwords can be generated without needlessly querying a user.

      Parameters:
      comp - the component on which a dialog box should be centered when an authentication request is given to the user
      withMap - true if the authenticator maps keys based on schemes, hoste, ports, and realms with data that would otherwise be obtained from a dialog box; false otherwise
      Returns:
      an authenticator
      See Also: